Third party services can access Liquid resources and information, on behalf of Liquid users.

OAuth Application

To use OAuth services, an OAuthApplication must be created. Contact Liquid partner services to apply.

OAuth Request

Create an empty OAuth request.

POST /system/oauth_requests

X-Quoine-Auth: {(OAuth Approved, External App) User Token}
  external_ref: "external reference, not used by liquid"

User Approval

The response to the OAuthRequest returns app_challenge_href which is a URL that will prompt the user to approve the request.

Create and Sign OAuth JWT

After an OAuthRequest is approved by the user, the associated oauth_request_public_id and oauth_request_private_id can then be used in a JWT to access services on behalf of that user.

function createJwt(path, liquid_token_id, liquid_token_secret, oauth_request_public_id, oauth_request_private_id) {
    return jwt.encode(
            token_id: liquid_token_id,
            path: path,
            nonce: Date.now(),
            oauth_request_public_id: oauth_request_public_id,
            oauth_request_private_id: oauth_request_private_id

Fetch User Information

GET https://api.liquid.com/user/context
X-Quoine-Auth: createJwt('/user/context', ...)

Fetch User Accounts

GET https://api.liquid.com/accounts
X-Quoine-Auth: createJwt('/accounts', ...)

Last updated